ISO/IEC 17799: Code of Practice for Information Security Management is a generic set of best practices for the security of information systems. Considered the foremost security specification document in the world, the code of practice includes guidelines for all organizations, no matter what their size or purpose. 17799 was originally published in the United Kingdom as DT Code of Practice, and then later as BS 7799.

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

The ISO/IEC 17799 details 127 security measures, organized into 10 sections; these specify best practices for: business continuity planning; system access control; system development and maintenance; physical and environmental security; compliance; personnel security; security organization; computer and operations management; asset classification and control; and security policies. The purpose of the code of practice is to be as comprehensive as possible, covering practices that are applicable to a broad range of endeavors. The document suggests that particular organizations can benefit from selecting those specifications that apply to them.

The document is currently being revised to provide sufficient detail to enable the development of a security management system.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy